US6061341A - Use of transmission control protocol proxy within packet data service transmissions in a mobile network - Google Patents

Use of transmission control protocol proxy within packet data service transmissions in a mobile network Download PDF

Info

Publication number
US6061341A
US6061341A US08/991,662 US99166297A US6061341A US 6061341 A US6061341 A US 6061341A US 99166297 A US99166297 A US 99166297A US 6061341 A US6061341 A US 6061341A
Authority
US
United States
Prior art keywords
packet
switching center
mobile
mobile station
mobile switching
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
US08/991,662
Inventor
Dick Sven Andersson
Torgny Karlsson
Anders Herlitz
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget LM Ericsson AB filed Critical Telefonaktiebolaget LM Ericsson AB
Priority to US08/991,662 priority Critical patent/US6061341A/en
Assigned to TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) reassignment TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ANDERSSON, DICK SVEN, HERLITZ, ANDERS, KARLSSON, TORGNY
Priority to JP2000539617A priority patent/JP4020587B2/en
Priority to PCT/SE1998/002257 priority patent/WO1999031855A1/en
Priority to CA002314268A priority patent/CA2314268C/en
Priority to CN98813651A priority patent/CN1112017C/en
Priority to DE69834505T priority patent/DE69834505T2/en
Priority to EP98962787A priority patent/EP1040631B1/en
Priority to AU17945/99A priority patent/AU752679B2/en
Publication of US6061341A publication Critical patent/US6061341A/en
Application granted granted Critical
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/165Combined use of TCP and UDP protocols; selection criteria therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/12Setup of transport tunnels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/06Transport layer protocols, e.g. TCP [Transport Control Protocol] over wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16Gateway arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/02Inter-networking arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/16Interfaces between hierarchically similar devices
    • H04W92/24Interfaces between hierarchically similar devices between backbone network devices

Definitions

  • the present invention is related to packet data communications, and more particularly, to communications between a remote network host and a mobile station operating within a mobile network interconnected with the remote network.
  • a mobile station may function as or in association with data terminal equipment (DTE) in providing Internet access or packet communications to an associated mobile subscriber.
  • DTE data terminal equipment
  • Voice communications over the mobile network normally use the circuit switch mode of operation.
  • Packet data communications over the mobile network use packet-switched communications, (e.g., TCP/IP), on a packet channel.
  • a mobile station configured for packet data communications includes a Internet protocol (IP) address which is known by the mobile network.
  • IP Internet protocol
  • the data terminal equipment attached to the mobile station is configured with this address.
  • An incoming TCP/IP packet addressed to the DTE associated with the mobile station from an exterior network, such as the Internet forces the mobile network associated with the mobile station to perform a paging of the mobile station.
  • the paging demands that the mobile station switch to a packet mode of operation and establish a packet channel with the mobile network. Once a packet channel is established on the mobile network, the DTE at the mobile station and the Internet host originating the TCP/IP packet can transparently transfer data between each other.
  • the interconnection between the Internet host and a mobile station utilizes a TCP/IP protocol using a "three-way handshake" routine as illustrated in FIG. 1.
  • the client comprises the contacting Internet host and the server comprises a mobile station.
  • the three-way handshake routine uses the SYN and ACK flags within the TCP header.
  • An incoming TCP packet from the client (Internet host) includes a set SYN flag bit.
  • the outgoing TCP packet response has both the SYN and ACK flag set.
  • the client responds to this by transmitting a packet response having a set ACK flag.
  • TCP SYN flooding attack One well known denial of service attack utilized on the Internet today is the TCP SYN flooding attack.
  • a client transmits TCP packets having the SYN flag set to a server but does not answer the responding TCP packets having the SYN and ACK flags set. This causes the server to wait for TCP packets including a set ACK flag until the server times out. This has the effect of hanging up system resources until the server timeout period expires.
  • the mobile network when an attacker transmits a TCP SYN packet to a specific address within the mobile network, the mobile network will perform a paging of the associated mobile station provided that the mobile station resides in an idle mode. If the mobile station is capable, a packet data channel is established for the mobile station. If the attack is directed to an entire address base, the network would page all idle mobile stations for that address base. This would eventually download the entire mobile network. This comprises a huge threat for the network and the radio resources associated with the network if a TCP SYN flooding attack is being utilized.
  • the present invention overcomes the foregoing and other problems with a system and method enabling the generation of a TCP packet connection between a remote host on a first network, such as the Internet, and a mobile station having included digital terminal equipment within a mobile network.
  • a three-way handshake routine is performed between the remote host and a gateway packet mobile switching center (GPMSC) associated with the mobile network.
  • the three-way handshake routine is initiated by a TCP SYN packet transmission from the remote host to the mobile station.
  • a TCP proxy functionality associated with the gateway packet mobile switching center buffers the TCP SYN packet and transmits a TCP SYN+ACK packet response to the remote host.
  • the remote host transmits a TCP ACK packet response to the GPMSC.
  • the TCP ACK response is buffered by the TCP proxy functionality while a packet channel is generated between the GPMSC and the mobile station via a visting packet mobile switching center presently serving the mobile station.
  • a second three-way handshake routine is initiated between the GPMSC and the mobile station.
  • the buffered TCP SYN packet which has been forwarded from the GPMSC to a visiting packet mobile switching center is transmitted from the visting packet mobile switching center to the mobile station and associated digital terminal equipment.
  • a response TCP SYN+ACK packet is transmitted from the mobile station back to the GPMSC.
  • the GPMSC transmits the buffered TCP ACK packet of the original three-way handshake routine to the mobile station to initiate the TCP connection between the mobile station and the remote host.
  • FIG. 1 is an illustration of a three-way handshake routine for establishing a TCP connection
  • FIG. 2 is a block diagram illustrating the network architecture of a packet mobile network, including a TCP proxy functionality
  • FIG. 3 is a signal diagram illustrating the establishment of a TCP connection between an Internet host and a mobile station with associated digital terminal equipment.
  • the goal of the present invention is to enable an interconnection between a mobile station 30 with associated digital terminal equipment (DTE) 35 and a remote host 40 through a mobile network 45 and a remote network 50 (Internet or Intranet).
  • DTE digital terminal equipment
  • Requests for a TCP connection from a remote host 40 to the mobile station 30 and associated DTE 35 initially pass through the Internet/Intranet network 50 to the mobile network 45 where the connection request is initially received by a gateway packet mobile switching center 55 including a TCP proxy functionality 60.
  • a three-way handshake routine In response to the TCP connection request, a three-way handshake routine, which will be more fully discussed in a moment, is carried out between the GPMSC 55 and the remote host 40.
  • a TCP SYN packet and a TCP ACK packet from the remote host 40 are buffered within a memory 65 associated with the TCP proxy functionality 60 as a result of the three-way handshake routine.
  • the GPMSC 55 queries a home location register (HLR) 70 associated with the mobile station 30 to determine routing and location information for the mobile station. Using this information, an incoming packet request is transmitted to the visiting packet mobile switching center (VPMSC) 75 serving the mobile station 30.
  • the incoming packet request includes the buffered TCP SYN packet.
  • the VPMSC 75 issues a paging request to the visiting mobile switching center (VMSC) 80 that is providing radio support to the mobile station 30, and the VMSC performs a paging of the mobile station through an associated base station transmitter 85.
  • VMSC visiting mobile switching center
  • a packet data channel is established between the mobile station and the VPMSC 75.
  • the VPMSC 75 initiates a second three-way handshake routine between the VPMSC, mobile station 30 and GPMSC 55 using the buffered TCP SYN packet.
  • This handshake routine results in the stored TCP ACK packet response stored within the memory 65 of the GPMSC 55 being transmitted to the mobile station 30.
  • a TCP connection is completed from the mobile station to the GPMSC 55 and the remote host 40. In this manner, TCP packet communications may be carried out from the remote host 40 to the mobile station 30 and associated DTE 35 via the Internet/Intranet network 50 and mobile network 45.
  • FIG. 3 there is illustrated a signaling diagram describing the establishment of a TCP connection 160 between the remote host 40 and the mobile station 30 with associated digital terminal equipment 35.
  • the process is initiated by a TCP SYN packet 100 transmitted from the Internet host 40.
  • the TCP SYN packet 100 is sent to the IP address of the mobile station 30 and associated DTE 35.
  • the TCP proxy functionality 60 within the GPMSC intercepts, buffers and responds to the TCP SYN packet 100 with a TCP SYN+ACK packet 105 which is transmitted to the Internet host 40.
  • the TCP proxy functionality 60 is acting as the mobile station 30.
  • the Internet host 40 replies with a TCP ACK packet 110.
  • the GPMSC 55 buffers the TCP ACK packet 110 with the TCP SYN packet 100 and any following TCP packets, if any, (not shown) from the Internet host 40. If for some reason the TCP ACK packet 110 is not received, no further actions are taken by the GPMSC 55.
  • the GPMSC 55 performs an IP address to mobile station network address conversion and generates a PMAP protocol information request 115 to the HLR 70 of the mobile station 30 requesting the VPMSC 75 serving the mobile station and the mobile station identifier (MSI) of the mobile station.
  • the home location register 70 responds with a PMAP protocol message 120 providing the VPMSC 75 and MSI of the mobile station 30 to the GPMSC 55.
  • the GPMSC 55 uses this information, the GPMSC 55 generates another PMAP protocol message 125 to the indicated VPMSC 75.
  • the PMAP protocol message 125 includes the encapsulated, buffered TCP SYN packet and address information to the identified VPMSC 75.
  • the VPMSC 75 determines whether the subscriber is not registered (i.e., not in packet mode), and if not, issues a PMAP protocol paging request 130 to the VMSC 80 serving the mobile station 30.
  • the VMSC 80 generates a paging message 135 to the mobile station 30 requesting that the mobile station switch over to a packet mode of operation.
  • the mobile station 30 establishes a packet channel 140 with the VPMSC 75.
  • the packet channel establishment procedure includes both registration and authentication of the mobile station 30 with the VPMSC 75.
  • the VPMSC transmits the received, buffered TCP SYN packet 145 originally provided by the GPMSC 55 to the mobile station 30.
  • the mobile station 30 responds to the TCP SYN packet 145 with a TCP SYN+ACK packet 150 which is captured by the TCP proxy functionality 60 of the GPMSC 55.
  • the GPMSC 55 transmits the buffered TCP ACK packet 155 to the mobile station 30 along with any following packets, if any, buffered by the GPMSC.
  • the GPMSC 55 is now transparent to data traffic between the Internet host 40 and mobile station 35, and the TCP connection 160 is established.
  • the mobile network 45 is protected from TCP SYN flooding attacks.
  • the mobile network 45 will not setup a packet data channel with an idle mobile station 30 unless the originating remote host 40 is verified by the TCP proxy functionality 60 according to the three-way handshake procedure.
  • TCP SYN flooding attacks will be stopped at the GPMSC 55 and not disable system resources within the mobile network 45.

Abstract

A method and apparatus for generating a TCP packet connection between a remote host on a first network and a mobile station on a mobile network is disclosed. The process initially involves performing a three-way handshake routine between the remote host and a gateway packet mobile switching center of the mobile network to establish the validity of a TCP packet connection request. During the handshake routine transmissions from the remote host are buffered by the gateway packet mobile switching center. A second three-way handshake routine is then carried out between the gateway packet mobile switching center and the mobile station using the buffered transmissions to complete a TCP connection between the mobile station and the remote host.

Description

BACKGROUND OF THE INVENTION
1. Technical Field of the Invention
The present invention is related to packet data communications, and more particularly, to communications between a remote network host and a mobile station operating within a mobile network interconnected with the remote network.
2. Description of Related Art
Developments and improvements in mobile telecommunication networks have enabled mobile subscribers to communicate data, other than mere voice data, over a serving mobile telecommunications network. With a wide proliferation of Internet and e-mail applications, mobile subscribers are able to access their e-mail messages or even browse or surf the Internet via their associated mobile stations. Accordingly, a mobile station may function as or in association with data terminal equipment (DTE) in providing Internet access or packet communications to an associated mobile subscriber. Voice communications over the mobile network normally use the circuit switch mode of operation. Packet data communications over the mobile network use packet-switched communications, (e.g., TCP/IP), on a packet channel.
A mobile station configured for packet data communications includes a Internet protocol (IP) address which is known by the mobile network. The data terminal equipment attached to the mobile station is configured with this address. An incoming TCP/IP packet addressed to the DTE associated with the mobile station from an exterior network, such as the Internet, forces the mobile network associated with the mobile station to perform a paging of the mobile station. The paging demands that the mobile station switch to a packet mode of operation and establish a packet channel with the mobile network. Once a packet channel is established on the mobile network, the DTE at the mobile station and the Internet host originating the TCP/IP packet can transparently transfer data between each other.
The interconnection between the Internet host and a mobile station utilizes a TCP/IP protocol using a "three-way handshake" routine as illustrated in FIG. 1. In this case, the client comprises the contacting Internet host and the server comprises a mobile station. The three-way handshake routine uses the SYN and ACK flags within the TCP header. An incoming TCP packet from the client (Internet host) includes a set SYN flag bit. The outgoing TCP packet response has both the SYN and ACK flag set. The client responds to this by transmitting a packet response having a set ACK flag. Once this routine has been performed a TCP/IP connection is established between the client and server.
One well known denial of service attack utilized on the Internet today is the TCP SYN flooding attack. In this attack, a client transmits TCP packets having the SYN flag set to a server but does not answer the responding TCP packets having the SYN and ACK flags set. This causes the server to wait for TCP packets including a set ACK flag until the server times out. This has the effect of hanging up system resources until the server timeout period expires.
In the context of a mobile network, when an attacker transmits a TCP SYN packet to a specific address within the mobile network, the mobile network will perform a paging of the associated mobile station provided that the mobile station resides in an idle mode. If the mobile station is capable, a packet data channel is established for the mobile station. If the attack is directed to an entire address base, the network would page all idle mobile stations for that address base. This would eventually download the entire mobile network. This comprises a huge threat for the network and the radio resources associated with the network if a TCP SYN flooding attack is being utilized.
SUMMARY OF THE INVENTION
The present invention overcomes the foregoing and other problems with a system and method enabling the generation of a TCP packet connection between a remote host on a first network, such as the Internet, and a mobile station having included digital terminal equipment within a mobile network. Initially, a three-way handshake routine is performed between the remote host and a gateway packet mobile switching center (GPMSC) associated with the mobile network. The three-way handshake routine is initiated by a TCP SYN packet transmission from the remote host to the mobile station. Rather than forwarding the TCP SYN packet to the mobile station, a TCP proxy functionality associated with the gateway packet mobile switching center buffers the TCP SYN packet and transmits a TCP SYN+ACK packet response to the remote host. The remote host transmits a TCP ACK packet response to the GPMSC. The TCP ACK response is buffered by the TCP proxy functionality while a packet channel is generated between the GPMSC and the mobile station via a visting packet mobile switching center presently serving the mobile station.
Upon creation of a packet channel to the mobile station, a second three-way handshake routine is initiated between the GPMSC and the mobile station. In this handshake routine, the buffered TCP SYN packet which has been forwarded from the GPMSC to a visiting packet mobile switching center is transmitted from the visting packet mobile switching center to the mobile station and associated digital terminal equipment. A response TCP SYN+ACK packet is transmitted from the mobile station back to the GPMSC. In response, the GPMSC transmits the buffered TCP ACK packet of the original three-way handshake routine to the mobile station to initiate the TCP connection between the mobile station and the remote host.
BRIEF DESCRIPTION OF THE DRAWINGS
For a more complete understanding of the present invention, reference is made to the following detailed description taken in conjunction with the accompanying drawings wherein:
FIG. 1 is an illustration of a three-way handshake routine for establishing a TCP connection;
FIG. 2 is a block diagram illustrating the network architecture of a packet mobile network, including a TCP proxy functionality; and
FIG. 3 is a signal diagram illustrating the establishment of a TCP connection between an Internet host and a mobile station with associated digital terminal equipment.
DETAILED DESCRIPTION OF THE INVENTION
Referring now to the Drawings, and more particularly to FIG. 2, there is illustrated the network architecture of a packet mobile network, including a TCP proxy functionality. The goal of the present invention is to enable an interconnection between a mobile station 30 with associated digital terminal equipment (DTE) 35 and a remote host 40 through a mobile network 45 and a remote network 50 (Internet or Intranet). Requests for a TCP connection from a remote host 40 to the mobile station 30 and associated DTE 35 initially pass through the Internet/Intranet network 50 to the mobile network 45 where the connection request is initially received by a gateway packet mobile switching center 55 including a TCP proxy functionality 60. In response to the TCP connection request, a three-way handshake routine, which will be more fully discussed in a moment, is carried out between the GPMSC 55 and the remote host 40. A TCP SYN packet and a TCP ACK packet from the remote host 40 are buffered within a memory 65 associated with the TCP proxy functionality 60 as a result of the three-way handshake routine.
The GPMSC 55 queries a home location register (HLR) 70 associated with the mobile station 30 to determine routing and location information for the mobile station. Using this information, an incoming packet request is transmitted to the visiting packet mobile switching center (VPMSC) 75 serving the mobile station 30. The incoming packet request includes the buffered TCP SYN packet. The VPMSC 75 issues a paging request to the visiting mobile switching center (VMSC) 80 that is providing radio support to the mobile station 30, and the VMSC performs a paging of the mobile station through an associated base station transmitter 85.
If the mobile station 30 responds to the page, a packet data channel is established between the mobile station and the VPMSC 75. The VPMSC 75 initiates a second three-way handshake routine between the VPMSC, mobile station 30 and GPMSC 55 using the buffered TCP SYN packet. This handshake routine results in the stored TCP ACK packet response stored within the memory 65 of the GPMSC 55 being transmitted to the mobile station 30. Upon receipt of the TCP ACK packet response at the mobile station 30, a TCP connection is completed from the mobile station to the GPMSC 55 and the remote host 40. In this manner, TCP packet communications may be carried out from the remote host 40 to the mobile station 30 and associated DTE 35 via the Internet/Intranet network 50 and mobile network 45.
Referring now to FIG. 3, there is illustrated a signaling diagram describing the establishment of a TCP connection 160 between the remote host 40 and the mobile station 30 with associated digital terminal equipment 35. The process is initiated by a TCP SYN packet 100 transmitted from the Internet host 40. The TCP SYN packet 100 is sent to the IP address of the mobile station 30 and associated DTE 35. When the TCP SYN packet 100 is received by the GPMSC 55, the TCP proxy functionality 60 within the GPMSC intercepts, buffers and responds to the TCP SYN packet 100 with a TCP SYN+ACK packet 105 which is transmitted to the Internet host 40. By transmitting the TCP SYN+ACK packet 105, the TCP proxy functionality 60 is acting as the mobile station 30. In response to the TCP SYN+ACK packet 105, the Internet host 40 replies with a TCP ACK packet 110. The GPMSC 55 buffers the TCP ACK packet 110 with the TCP SYN packet 100 and any following TCP packets, if any, (not shown) from the Internet host 40. If for some reason the TCP ACK packet 110 is not received, no further actions are taken by the GPMSC 55.
If a TCP ACK packet 110 is received, the GPMSC 55 performs an IP address to mobile station network address conversion and generates a PMAP protocol information request 115 to the HLR 70 of the mobile station 30 requesting the VPMSC 75 serving the mobile station and the mobile station identifier (MSI) of the mobile station. The home location register 70 responds with a PMAP protocol message 120 providing the VPMSC 75 and MSI of the mobile station 30 to the GPMSC 55. Using this information, the GPMSC 55 generates another PMAP protocol message 125 to the indicated VPMSC 75. The PMAP protocol message 125 includes the encapsulated, buffered TCP SYN packet and address information to the identified VPMSC 75.
The VPMSC 75 determines whether the subscriber is not registered (i.e., not in packet mode), and if not, issues a PMAP protocol paging request 130 to the VMSC 80 serving the mobile station 30. The VMSC 80 generates a paging message 135 to the mobile station 30 requesting that the mobile station switch over to a packet mode of operation. In response to the paging message 135, the mobile station 30 establishes a packet channel 140 with the VPMSC 75. The packet channel establishment procedure includes both registration and authentication of the mobile station 30 with the VPMSC 75.
Once the mobile station establishes a packet channel 140 with the VPMSC 75, the VPMSC transmits the received, buffered TCP SYN packet 145 originally provided by the GPMSC 55 to the mobile station 30. The mobile station 30 responds to the TCP SYN packet 145 with a TCP SYN+ACK packet 150 which is captured by the TCP proxy functionality 60 of the GPMSC 55. In response to the TCP SYN+ACK packet 150, the GPMSC 55 transmits the buffered TCP ACK packet 155 to the mobile station 30 along with any following packets, if any, buffered by the GPMSC. The GPMSC 55 is now transparent to data traffic between the Internet host 40 and mobile station 35, and the TCP connection 160 is established.
In this manner, the mobile network 45 is protected from TCP SYN flooding attacks. The mobile network 45 will not setup a packet data channel with an idle mobile station 30 unless the originating remote host 40 is verified by the TCP proxy functionality 60 according to the three-way handshake procedure. TCP SYN flooding attacks will be stopped at the GPMSC 55 and not disable system resources within the mobile network 45.
Although a preferred embodiment of the method and apparatus of the present invention has been illustrated in the accompanying Drawings and described in the foregoing Detailed Description, it is understood that the invention is not limited to the embodiment disclosed, but is capable of numerous rearrangements, modifications, and substitutions without departing from the spirit of the invention as set forth and defined by the following claims.

Claims (18)

What is claimed is:
1. A method for generating a packet connection between a remote host on a first network and a mobile station on a mobile network, comprising the steps of:
receiving a packet connection request from the remote host to the mobile station at a gateway packet mobile switching center;
performing a first three-way handshake routine between the remote host and the gateway packet mobile switching center of the mobile network in response to the packet connection request from the remote host to the mobile station, said step of performing further comprising the steps of;
transmitting an initiation packet from the remote host to the gateway packet mobile switching center to initiate a packet connection;
transmitting a response packet from the gateway packet mobile switching center to the remote host in response to the initiation packet; and
transmitting the acknowledge response from the remote host to the gateway packet mobile switching center in response to the response packet;
buffering transmissions of the first three-way handshake routine from the remote host at the gateway packet mobile switching center of the mobile network;
performing a second three-way handshake routine between the gateway packet mobile switching center and the mobile station, wherein transmissions from the gateway packet mobile during the second three-way handshake routine comprise the buffered transmissions from the first three-way handshake routine; and
establishing the packet connection between the remote host and the mobile station upon completion of the second three-way handshake routine.
2. The method of claim 1, further comprising the step of:
establishing a packet channel between the gateway packet mobile switching center and the mobile station.
3. The method of claim 2, wherein the step of establishing further includes the steps of:
determining a location of the mobile station by accessing a home location register of the mobile station; and
generating a paging request to the mobile station.
4. The method of claim 3, wherein the step of generating further includes the steps of:
generating a paging request to a mobile switching center presently serving the mobile station from a packet mobile switching center serving the mobile station; and
paging the mobile station from the serving mobile switching center.
5. The method of claim 1, wherein the step of buffering further includes the steps of:
buffering the initiation packet from the remote host; and
buffering the acknowledge response from the remote host.
6. The method of claim 5, wherein the step of performing the second three-way handshake further comprises the steps of:
forwarding the buffered initiation packet from the gateway packet mobile switching center to a visiting packet mobile switching center;
transmitting the buffered initiation packet from the visiting packet mobile switching center to the mobile station upon establishment of a packet channel;
transmitting the response packet from the mobile station to the gateway packet mobile switching center in response to the initiation packet; and
transmitting the buffered acknowledge response from the gateway packet mobile switching center to the mobile station in response to the response packet.
7. The method of claim 1, wherein the step of buffering further comprises buffering all packets following the acknowledge response.
8. A method for generating a TCP packet connection between a remote host on an Internet network and a mobile station on a mobile network, comprising the steps of:
performing a first three-way handshake routine between the remote host and a gateway packet mobile switching center of the mobile network in response to a packet connection request from the remote host to the mobile station;
buffering a TCP SYN packet and TCP ACK packet of the first three-way handshake routine and any following TCP packets from the remote host to the gateway packet mobile switching center of the mobile network;
establishing a packet channel between the gateway packet mobile switching center and the mobile station;
transmitting the buffered TCP SYN packet of the first three-way handshake routine from a visiting packet mobile switching center to the mobile station upon establishment of the packet channel;
transmitting a TCP SYN+ACK packet from the mobile station to the gateway packet mobile switching center in response to the TCP SYN packet; and
transmitting the buffered TCP ACK packet of the first three-way handshake routine from the gateway mobile switching center to the mobile station in response to the TCP SYN+ACK packet.
9. The method of claim 8, wherein the step of establishing further includes the steps of:
determining a location of the mobile station by accessing a home location register of the mobile station; and
generating a paging request to the mobile station.
10. The method of claim 9, wherein the step of generating further includes the steps of:
generating a paging request to a mobile switching center presently serving the mobile station from a visiting packet mobile switching center serving the mobile station; and
paging the mobile station from the serving mobile switching center.
11. The method of claim 8, wherein the step of performing the first three-way handshake routine further comprises the steps of:
transmitting the TCP SYN packet from the remote host to the gateway packet mobile switching center to initiate a packet connection;
transmitting the TCP SYN+ACK packet from the gateway packet mobile switching center to the remote host in response to the TCP SYN packet; and
transmitting the TCP ACK packet from the remote host to the gateway packet mobile switching center in response to the TCP SYN+ACK packet.
12. The method of claim 8 further including the step of:
forwarding the buffered TCP SYN packet of the first three-way handshake routine from the gateway packet mobile switching center to the visiting packet mobile switching center within a PMAP protocol message.
13. A gateway packet mobile switching center, comprising:
a first interconnection with a first network;
a second interconnection with a mobile network;
a memory for storing transmissions from the remote host on the first network; and
a TCP proxy functionality, responsive to a connection request from a remote host in the first network to a mobile station the mobile network for responding to a three-way handshake routine between the gateway packet mobile switching center and the remote host, for storing transmissions from the remote host during the first three-way handshake routine in the memory and for initiating a second three-way handshake routine using the transmissions stored in the memory to complete a packet channel from the remote host to the mobile station.
14. The gateway packet mobile switching center of claim 13, wherein the first network comprises an Internet.
15. The gateway packet mobile switching center of claim 13, wherein the first network comprises an Intranet.
16. The gateway packet mobile switching center of claim 13, wherein the transmissions comprise a TCP SYN packet and a TCP ACK packet.
17. The gateway packet mobile switching center of claim 16, wherein the transmissions further comprises a plurality of stored data packets.
18. A method for generating a TCP packet connection between a remote host on an Internet network and a mobile station on a mobile network, comprising the steps of:
performing a first three-way handshake routine between the remote host and a gateway packet mobile switching center of the mobile network in response to a packet connection request from the remote host to the mobile station;
buffering a TCP SYN packet and TCP ACK packet of received at the gateway packet mobile switching center during the first three-way handshake routine and any following TCP packets from the remote host to the gateway packet mobile switching center of the mobile network;
buffering all packets following the TCP SYN packet and the TCP ACK packet;
establishing a packet channel between the gateway packet mobile switching center and the mobile station;
transmitting the buffered TCP SYN packet from a visiting packet mobile switching center to the mobile station upon establishment of the packet channel;
transmitting a TCP SYN+ACK packet from the mobile station to the gateway packet mobile switching center in response to the TCP SYN packet; and
transmitting the buffered TCP ACK of the first three-way handshake routine packet from the gateway mobile switching center to the mobile station in response to the TCP SYN+ACK packet.
US08/991,662 1997-12-16 1997-12-16 Use of transmission control protocol proxy within packet data service transmissions in a mobile network Expired - Lifetime US6061341A (en)

Priority Applications (8)

Application Number Priority Date Filing Date Title
US08/991,662 US6061341A (en) 1997-12-16 1997-12-16 Use of transmission control protocol proxy within packet data service transmissions in a mobile network
CN98813651A CN1112017C (en) 1997-12-16 1998-12-08 Use of transmission control protocol proxy within packet data service transmissions in mobile network
PCT/SE1998/002257 WO1999031855A1 (en) 1997-12-16 1998-12-08 Use of transmission control protocol proxy within packet data service transmissions in a mobile network
CA002314268A CA2314268C (en) 1997-12-16 1998-12-08 Use of transmission control protocol proxy within packet data service transmissions in a mobile network
JP2000539617A JP4020587B2 (en) 1997-12-16 1998-12-08 Use of transmission control protocol proxies in packet data service transmissions in mobile networks
DE69834505T DE69834505T2 (en) 1997-12-16 1998-12-08 USING A TCP PROXY WITH PACKAGE DATA SERVICE TRANSMISSIONS IN A MOBILE NETWORK
EP98962787A EP1040631B1 (en) 1997-12-16 1998-12-08 Use of transmission control protocol proxy within packet data service transmissions in a mobile network
AU17945/99A AU752679B2 (en) 1997-12-16 1998-12-08 Use of transmission control protocol proxy within packet data service transmissions in a mobile network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US08/991,662 US6061341A (en) 1997-12-16 1997-12-16 Use of transmission control protocol proxy within packet data service transmissions in a mobile network

Publications (1)

Publication Number Publication Date
US6061341A true US6061341A (en) 2000-05-09

Family

ID=25537431

Family Applications (1)

Application Number Title Priority Date Filing Date
US08/991,662 Expired - Lifetime US6061341A (en) 1997-12-16 1997-12-16 Use of transmission control protocol proxy within packet data service transmissions in a mobile network

Country Status (8)

Country Link
US (1) US6061341A (en)
EP (1) EP1040631B1 (en)
JP (1) JP4020587B2 (en)
CN (1) CN1112017C (en)
AU (1) AU752679B2 (en)
CA (1) CA2314268C (en)
DE (1) DE69834505T2 (en)
WO (1) WO1999031855A1 (en)

Cited By (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6201965B1 (en) * 1998-11-10 2001-03-13 Nortel Networks Limited Telecommunication subscriber connection using a domain name system
US20020032774A1 (en) * 2000-09-07 2002-03-14 Kohler Edward W. Thwarting source address spoofing-based denial of service attacks
US20020032880A1 (en) * 2000-09-07 2002-03-14 Poletto Massimiliano Antonio Monitoring network traffic denial of service attacks
US20020035683A1 (en) * 2000-09-07 2002-03-21 Kaashoek Marinus Frans Architecture to thwart denial of service attacks
US20020035628A1 (en) * 2000-09-07 2002-03-21 Gil Thomer Michael Statistics collection for network traffic
US20020059435A1 (en) * 2000-07-21 2002-05-16 John Border Method and system for improving network performance using a performance enhancing proxy
WO2002049254A2 (en) * 2000-12-13 2002-06-20 Marnetics Ltd. A system and method for data transfer acceleration in a tcp network environment
US20020095492A1 (en) * 2000-09-07 2002-07-18 Kaashoek Marinus Frans Coordinated thwarting of denial of service attacks
US20020103916A1 (en) * 2000-09-07 2002-08-01 Benjie Chen Thwarting connection-based denial of service attacks
WO2002067599A1 (en) * 2001-02-15 2002-08-29 Tantivy Communications, Inc. A dual proxy approach to tcp performance improvements over a wireless interface
US6545988B1 (en) * 1997-07-02 2003-04-08 Telefonaktiebolaget Lm Ericsson (Publ) Method and device in telecommunications network
US20030081579A1 (en) * 2001-10-29 2003-05-01 Sierra Wireless, Inc., A Canadian Corporation Apparatus and method for coupling a network data device to a digital network
US20030145232A1 (en) * 2002-01-31 2003-07-31 Poletto Massimiliano Antonio Denial of service attacks characterization
US6671735B1 (en) * 2000-01-28 2003-12-30 Qualcomm Incorporated System and method for using an IP address as a wireless unit identifier
US20040205374A1 (en) * 2002-11-04 2004-10-14 Poletto Massimiliano Antonio Connection based anomaly detection
US20040215771A1 (en) * 2002-03-05 2004-10-28 Hayes John W. Concealing a network connected device
US20040221190A1 (en) * 2002-11-04 2004-11-04 Roletto Massimiliano Antonio Aggregator for connection based anomaly detection
US20050286423A1 (en) * 2004-06-28 2005-12-29 Poletto Massimiliano A Flow logging for connection-based anomaly detection
US20060075504A1 (en) * 2004-09-22 2006-04-06 Bing Liu Threat protection network
US20060089985A1 (en) * 2004-10-26 2006-04-27 Mazu Networks, Inc. Stackable aggregation for connection based anomaly detection
US20060173992A1 (en) * 2002-11-04 2006-08-03 Daniel Weber Event detection/anomaly correlation heuristics
US20070064718A1 (en) * 2005-09-19 2007-03-22 Ekl Randy L Method of reliable multicasting
US7213264B2 (en) 2002-01-31 2007-05-01 Mazu Networks, Inc. Architecture to thwart denial of service attacks
US7225260B2 (en) 2001-09-28 2007-05-29 Symbol Technologies, Inc. Software method for maintaining connectivity between applications during communications by mobile computer terminals operable in wireless networks
US20070147245A1 (en) * 2001-02-05 2007-06-28 Interdigital Technology Corporation Link-aware transmission control protocol
US20080034111A1 (en) * 2006-08-03 2008-02-07 Citrix Systems, Inc. Systems and Methods for Hierarchical Global Load Balancing
US20080244085A1 (en) * 2007-03-29 2008-10-02 Blue Coat Systems, Inc. System and Method of Delaying Connection Acceptance to Support Connection Request Processing at Layer-7
KR100891787B1 (en) * 2002-06-03 2009-04-07 삼성전자주식회사 Paging method to mobile communication system for high rate packet data service
US20090097469A1 (en) * 2007-10-11 2009-04-16 Nortel Networks Limited Method and apparatus to protect wireless networks from unsolicited packets triggering radio resource consumption
US20100332593A1 (en) * 2009-06-29 2010-12-30 Igor Barash Systems and methods for operating an anti-malware network on a cloud computing platform
US8090866B1 (en) * 2002-01-18 2012-01-03 Cisco Technology, Inc. TCP proxy connection management in a gigabit environment
WO2012046049A2 (en) * 2010-10-06 2012-04-12 Steelhoard Limited Scaffold safety rail and method of assembly
US20150381752A1 (en) * 2014-06-28 2015-12-31 Hughes Network Systems, Llc DYNAMIC DISABLING OF MULTI-STEP TRANSPORT LAYER HANDSHAKE SPOOFING IN PERFORMANCE ENHANCING PROXIES (PEPs) IN BROADBAND NETWORKS

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU783012B2 (en) * 1994-05-05 2005-09-15 Sprint Communications Company, L.P. Method, system and apparatus for telecommunications control
PT803156E (en) 1994-05-05 2005-03-31 Sprint Communications Co METHOD, SYSTEM AND APPARATUS FOR THE CONTROL OF TELECOMMUNICATIONS
FI990049A (en) * 1999-01-13 2000-07-14 Jaakko Olavi Pentikaeinen Modular wireless network / concept
US8359405B1 (en) 2000-02-28 2013-01-22 John Border Performance enhancing proxy and method for enhancing performance
US7881250B2 (en) 2001-01-18 2011-02-01 Ntt Docomo, Inc. Packet communication system
JP3648211B2 (en) * 2002-03-28 2005-05-18 富士通株式会社 Packet relay program, packet relay device, and recording medium
ATE295643T1 (en) * 2003-03-11 2005-05-15 Cit Alcatel SYSTEM FOR AUTOMATICALLY CONFIGURING A TRANSCEIVER AS EITHER CENTRAL OR REMOTE UNIT IN A COMMUNICATIONS SYSTEM
JP5248057B2 (en) * 2007-07-30 2013-07-31 株式会社エヌ・ティ・ティ・ドコモ COMMUNICATION METHOD, SERVER DEVICE, AND TERMINAL DEVICE
TWI566616B (en) * 2015-03-04 2017-01-11 瑞昱半導體股份有限公司 Three-way handshaking method and computer readable media

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5430709A (en) * 1992-06-17 1995-07-04 Hewlett-Packard Company Network monitoring method and apparatus
US5548586A (en) * 1994-08-12 1996-08-20 Nec Corporation Mobile packet communication system and a method of mobile packet communication
US5570373A (en) * 1995-03-20 1996-10-29 Lucent Technologies Inc. Method and apparatus for testing a radio in a base station without using a radio test unit
US5623601A (en) * 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
US5711006A (en) * 1995-08-03 1998-01-20 Telefonaktiebolaget Lm Ericsson (Publ) System and method for addressing a release resource message
WO1998002257A1 (en) * 1996-07-11 1998-01-22 Brandeis University Improved anti-graffiti coatings and method of graffiti removal
US5796790A (en) * 1995-03-24 1998-08-18 Telefonaktiebolaget L M Ericsson Reliable related billing ID information method for call delivery
US5802106A (en) * 1996-12-06 1998-09-01 Packeteer, Inc. Method for rapid data rate detection in a packet communication environment without data rate supervision

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5430709A (en) * 1992-06-17 1995-07-04 Hewlett-Packard Company Network monitoring method and apparatus
US5548586A (en) * 1994-08-12 1996-08-20 Nec Corporation Mobile packet communication system and a method of mobile packet communication
US5623601A (en) * 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
US5570373A (en) * 1995-03-20 1996-10-29 Lucent Technologies Inc. Method and apparatus for testing a radio in a base station without using a radio test unit
US5796790A (en) * 1995-03-24 1998-08-18 Telefonaktiebolaget L M Ericsson Reliable related billing ID information method for call delivery
US5711006A (en) * 1995-08-03 1998-01-20 Telefonaktiebolaget Lm Ericsson (Publ) System and method for addressing a release resource message
WO1998002257A1 (en) * 1996-07-11 1998-01-22 Brandeis University Improved anti-graffiti coatings and method of graffiti removal
US5802106A (en) * 1996-12-06 1998-09-01 Packeteer, Inc. Method for rapid data rate detection in a packet communication environment without data rate supervision

Non-Patent Citations (8)

* Cited by examiner, † Cited by third party
Title
A. Bakre et al., "I-TCP: Indirect TCP for Mobile Hosts," Proceedings of the International Conference on Distributed Computing Systems, Vancouver, May 30-Jun. 2, 1995, No. CONF. 15, May 30, 1995, pp. 136-143, XP000530804, IEEE.
A. Bakre et al., I TCP: Indirect TCP for Mobile Hosts, Proceedings of the International Conference on Distributed Computing Systems, Vancouver, May 30 Jun. 2, 1995, No. CONF. 15, May 30, 1995, pp. 136 143, XP000530804, IEEE. *
B. Guha et al., "Network Security Via Reverse Engineering of TCP Code: Vulnerability Analysis and Proposed Solutions," Proceedings of IEEE Infocom 1996. Conference on Computer Communications, Fifteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Networking the Next Generation, San Francisco, Mar. 24-28,, 1996, vol. 2, No. CONF. 15, Mar. 24, 1996, pp. 603-610, XP000621325, IEEE.
B. Guha et al., Network Security Via Reverse Engineering of TCP Code: Vulnerability Analysis and Proposed Solutions, Proceedings of IEEE Infocom 1996. Conference on Computer Communications, Fifteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Networking the Next Generation, San Francisco, Mar. 24 28,, 1996, vol. 2, No. CONF. 15, Mar. 24, 1996, pp. 603 610, XP000621325, IEEE. *
J. S. Hansen et al., "Semi-connected TCP/IP in a Mobile Computing Environment," Proceedings of IMC '96 Information Visualization and Mobile Computing, vol. 2, No. 1, Feb. 26-27, 1996, p. 5p, XP002062285, Rostock, Germany.
J. S. Hansen et al., Semi connected TCP/IP in a Mobile Computing Environment, Proceedings of IMC 96 Information Visualization and Mobile Computing, vol. 2, No. 1, Feb. 26 27, 1996, p. 5p, XP002062285, Rostock, Germany. *
R.Yavatkarand N.Bhagawat, "Improving End-to-End Performance of TCP over Mobile Internetworks," Proceedings of the Workshop on Mobile Computing Systems and Applications, Dec. 8-9, 1994, pp. 146-152, XP002062284, Santa Cruz, CA, USA.
R.Yavatkarand N.Bhagawat, Improving End to End Performance of TCP over Mobile Internetworks, Proceedings of the Workshop on Mobile Computing Systems and Applications, Dec. 8 9, 1994, pp. 146 152, XP002062284, Santa Cruz, CA, USA. *

Cited By (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6545988B1 (en) * 1997-07-02 2003-04-08 Telefonaktiebolaget Lm Ericsson (Publ) Method and device in telecommunications network
US6201965B1 (en) * 1998-11-10 2001-03-13 Nortel Networks Limited Telecommunication subscriber connection using a domain name system
US6671735B1 (en) * 2000-01-28 2003-12-30 Qualcomm Incorporated System and method for using an IP address as a wireless unit identifier
US20020059435A1 (en) * 2000-07-21 2002-05-16 John Border Method and system for improving network performance using a performance enhancing proxy
US7219158B2 (en) * 2000-07-21 2007-05-15 Hughes Network Systems Llc Method and system for improving network performance using a performance enhancing proxy
US7702806B2 (en) 2000-09-07 2010-04-20 Riverbed Technology, Inc. Statistics collection for network traffic
US20020032774A1 (en) * 2000-09-07 2002-03-14 Kohler Edward W. Thwarting source address spoofing-based denial of service attacks
US20020095492A1 (en) * 2000-09-07 2002-07-18 Kaashoek Marinus Frans Coordinated thwarting of denial of service attacks
US20020103916A1 (en) * 2000-09-07 2002-08-01 Benjie Chen Thwarting connection-based denial of service attacks
US7743134B2 (en) 2000-09-07 2010-06-22 Riverbed Technology, Inc. Thwarting source address spoofing-based denial of service attacks
US7124440B2 (en) 2000-09-07 2006-10-17 Mazu Networks, Inc. Monitoring network traffic denial of service attacks
US7278159B2 (en) 2000-09-07 2007-10-02 Mazu Networks, Inc. Coordinated thwarting of denial of service attacks
US7398317B2 (en) * 2000-09-07 2008-07-08 Mazu Networks, Inc. Thwarting connection-based denial of service attacks
US20020035683A1 (en) * 2000-09-07 2002-03-21 Kaashoek Marinus Frans Architecture to thwart denial of service attacks
US20020032880A1 (en) * 2000-09-07 2002-03-14 Poletto Massimiliano Antonio Monitoring network traffic denial of service attacks
US20020035628A1 (en) * 2000-09-07 2002-03-21 Gil Thomer Michael Statistics collection for network traffic
WO2002049254A2 (en) * 2000-12-13 2002-06-20 Marnetics Ltd. A system and method for data transfer acceleration in a tcp network environment
WO2002049254A3 (en) * 2000-12-13 2003-01-16 Marnetics Ltd A system and method for data transfer acceleration in a tcp network environment
US7672241B2 (en) * 2001-02-05 2010-03-02 Ipr Licensing, Inc. Link-aware transmission control protocol
US20070147245A1 (en) * 2001-02-05 2007-06-28 Interdigital Technology Corporation Link-aware transmission control protocol
US20030235206A1 (en) * 2001-02-15 2003-12-25 Tantivy Communications, Inc. Dual proxy approach to TCP performance improvements over a wireless interface
AU2002251937B2 (en) * 2001-02-15 2004-11-25 Ipr Licensing, Inc. A Dual Proxy Approach to TCP Performance Improvements Over a Wireless Interface
KR100988339B1 (en) 2001-02-15 2010-10-18 아이피알 라이센싱, 인코포레이티드 A dual proxy approach to tcp performance improvements over a wireless interface
WO2002067599A1 (en) * 2001-02-15 2002-08-29 Tantivy Communications, Inc. A dual proxy approach to tcp performance improvements over a wireless interface
KR100890978B1 (en) 2001-02-15 2009-03-27 아이피알 라이센싱, 인코포레이티드 A dual proxy approach to tcp performance improvements over a wireless interface
US7225260B2 (en) 2001-09-28 2007-05-29 Symbol Technologies, Inc. Software method for maintaining connectivity between applications during communications by mobile computer terminals operable in wireless networks
US20030081579A1 (en) * 2001-10-29 2003-05-01 Sierra Wireless, Inc., A Canadian Corporation Apparatus and method for coupling a network data device to a digital network
US8090866B1 (en) * 2002-01-18 2012-01-03 Cisco Technology, Inc. TCP proxy connection management in a gigabit environment
US7213264B2 (en) 2002-01-31 2007-05-01 Mazu Networks, Inc. Architecture to thwart denial of service attacks
US20030145232A1 (en) * 2002-01-31 2003-07-31 Poletto Massimiliano Antonio Denial of service attacks characterization
US7743415B2 (en) 2002-01-31 2010-06-22 Riverbed Technology, Inc. Denial of service attacks characterization
US6973496B2 (en) * 2002-03-05 2005-12-06 Archduke Holdings, Inc. Concealing a network connected device
US20040215771A1 (en) * 2002-03-05 2004-10-28 Hayes John W. Concealing a network connected device
KR100891787B1 (en) * 2002-06-03 2009-04-07 삼성전자주식회사 Paging method to mobile communication system for high rate packet data service
US7363656B2 (en) 2002-11-04 2008-04-22 Mazu Networks, Inc. Event detection/anomaly correlation heuristics
US20040205374A1 (en) * 2002-11-04 2004-10-14 Poletto Massimiliano Antonio Connection based anomaly detection
US8479057B2 (en) 2002-11-04 2013-07-02 Riverbed Technology, Inc. Aggregator for connection based anomaly detection
US20040221190A1 (en) * 2002-11-04 2004-11-04 Roletto Massimiliano Antonio Aggregator for connection based anomaly detection
US8504879B2 (en) 2002-11-04 2013-08-06 Riverbed Technology, Inc. Connection based anomaly detection
US20060173992A1 (en) * 2002-11-04 2006-08-03 Daniel Weber Event detection/anomaly correlation heuristics
US7929534B2 (en) 2004-06-28 2011-04-19 Riverbed Technology, Inc. Flow logging for connection-based anomaly detection
US20050286423A1 (en) * 2004-06-28 2005-12-29 Poletto Massimiliano A Flow logging for connection-based anomaly detection
US7836506B2 (en) 2004-09-22 2010-11-16 Cyberdefender Corporation Threat protection network
US20110078795A1 (en) * 2004-09-22 2011-03-31 Bing Liu Threat protection network
US20060075504A1 (en) * 2004-09-22 2006-04-06 Bing Liu Threat protection network
US20060089985A1 (en) * 2004-10-26 2006-04-27 Mazu Networks, Inc. Stackable aggregation for connection based anomaly detection
US7760653B2 (en) 2004-10-26 2010-07-20 Riverbed Technology, Inc. Stackable aggregation for connection based anomaly detection
US7561599B2 (en) * 2005-09-19 2009-07-14 Motorola, Inc. Method of reliable multicasting
US20070064718A1 (en) * 2005-09-19 2007-03-22 Ekl Randy L Method of reliable multicasting
US20080034111A1 (en) * 2006-08-03 2008-02-07 Citrix Systems, Inc. Systems and Methods for Hierarchical Global Load Balancing
US8626946B2 (en) * 2006-08-03 2014-01-07 Citrix Systems, Inc. Systems and methods for hierarchical global load balancing
US7743160B2 (en) 2007-03-29 2010-06-22 Blue Coat Systems, Inc. System and method of delaying connection acceptance to support connection request processing at layer-7
US20080244085A1 (en) * 2007-03-29 2008-10-02 Blue Coat Systems, Inc. System and Method of Delaying Connection Acceptance to Support Connection Request Processing at Layer-7
US7860079B2 (en) * 2007-10-11 2010-12-28 Nortel Networks Limited Method and apparatus to protect wireless networks from unsolicited packets triggering radio resource consumption
US20090097469A1 (en) * 2007-10-11 2009-04-16 Nortel Networks Limited Method and apparatus to protect wireless networks from unsolicited packets triggering radio resource consumption
US20100332593A1 (en) * 2009-06-29 2010-12-30 Igor Barash Systems and methods for operating an anti-malware network on a cloud computing platform
WO2012046049A2 (en) * 2010-10-06 2012-04-12 Steelhoard Limited Scaffold safety rail and method of assembly
WO2012046049A3 (en) * 2010-10-06 2012-06-07 Steelhoard Limited Scaffold safety rail and method of assembly
US20150381752A1 (en) * 2014-06-28 2015-12-31 Hughes Network Systems, Llc DYNAMIC DISABLING OF MULTI-STEP TRANSPORT LAYER HANDSHAKE SPOOFING IN PERFORMANCE ENHANCING PROXIES (PEPs) IN BROADBAND NETWORKS
US9832276B2 (en) * 2014-06-28 2017-11-28 Hughes Network Systems, Llc Dynamic disabling of multi-step transport layer handshake spoofing in performance enhancing proxies (PEPs) in broadband networks

Also Published As

Publication number Publication date
EP1040631B1 (en) 2006-05-10
AU1794599A (en) 1999-07-05
CA2314268C (en) 2008-10-07
WO1999031855A1 (en) 1999-06-24
CN1112017C (en) 2003-06-18
AU752679B2 (en) 2002-09-26
JP4020587B2 (en) 2007-12-12
DE69834505D1 (en) 2006-06-14
JP2002509392A (en) 2002-03-26
CN1285106A (en) 2001-02-21
DE69834505T2 (en) 2006-12-07
EP1040631A1 (en) 2000-10-04
CA2314268A1 (en) 1999-06-24

Similar Documents

Publication Publication Date Title
US6061341A (en) Use of transmission control protocol proxy within packet data service transmissions in a mobile network
FI110975B (en) Prevention of fraud in telecommunication systems
JP5208520B2 (en) Voice channel control for wireless packet data communication
US7289792B1 (en) Method for transmitting multimedia messages and a multimedia message communication system
EP1123626B1 (en) Ip roaming number gateway
FI114001B (en) Procedure for data communication and data transmission systems
JP2007520097A (en) System and method for sending compressed messages
US9391890B2 (en) Network-initiated method and system for establishing data communication using IP with a wireless terminal
KR100591815B1 (en) Method and Service Management System for converting from data communication to voice communication of the mobile phone
EP1692902B1 (en) System and method providing secure access and roaming support for mobile subscribers in a semi-connected mode
US6947406B2 (en) Establishing connections between terminal equipment and a mobile terminal
Sharp Communication Networks
US20050237990A1 (en) Data transmission method and system
KR100726618B1 (en) Data termination system and method thereof
EP1232664B1 (en) Method and device for carrying out security procedures involving mobile stations in hybrid cellular telecommunication systems
KR100470688B1 (en) Packet Call Forwarding Method in Mobile Communication System
KR100912175B1 (en) Data transmission line establishing system between mobile telephone terminals
KR101058676B1 (en) Relay server and system that provides call forwarding information
JP2008306382A (en) Radio communication system
KR20040011806A (en) Packet call forwarding method in mobile communication system
KR20020015769A (en) Method of providing a service of receiving data to mobile stations in a mobile communication system

Legal Events

Date Code Title Description
AS Assignment

Owner name: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL), SWEDEN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ANDERSSON, DICK SVEN;KARLSSON, TORGNY;HERLITZ, ANDERS;REEL/FRAME:009093/0969

Effective date: 19980108

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

FPAY Fee payment

Year of fee payment: 12